Abstract: A system for performing authorization of a user in a virtual reality environment includes a virtual reality user device. The virtual reality user device includes a display configured to display a virtual environment. The user device receives a virtual authentication object comprising a virtual representation of an object that the user can manipulate to enter an authentication code. The user device detects gestures performed by the user on the displayed virtual authentication object and forms an authentication request, which includes the virtual authentication object, the detected gestures; and an identifier of the user. The user device sends the authentication request to an authentication server. The authentication server determines an authentication code using the virtual authentication object and the detected gestures.

Abstract: A system includes a request processing system which enables the system to fulfill data requests by grouping and combining requested data elements, while conserving computing resources and increasing security of the requested data elements associated during storage and transmission over a network. The system is configured to identify one or more groups of data elements associated with one or more identifiers, each data element in a group associated with a component of an identifier. The system combines each of the one or more groups of data elements based on a unique association between the components of each identifier. The system subsequently removes the sub-wrappers from the data elements in the one or more groups of data elements, and sends the combined one or more groups of data elements to relevant requestors.

Abstract: A system includes a request processing system which enables the system to reduce request processing time, increase overall throughput of the system, while conserving computing resources and increasing data security associated with the storage and transmission of requests and requested information over a network. The system is configured to gather a plurality of requests, encapsulate each of the requests in a wrapper, split each of the encapsulated requests into sub-requests that are encapsulated in sub-wrappers, divide the encapsulated sub-requests into multiple groups based on some attributes, and send the multiple groups of encapsulated sub-requests to relevant data repositories.

Abstract: A system that includes a plurality of cloud servers in signal communication with user devices and an authentication server. Each cloud server is configure to generate a cloud key that is uniquely linked with a user associated with a user device and the cloud server and send the cloud key to the user device. The authentication server is configured to receive a network resource access request comprising the cloud key from the user device, perform multi-factor authentication with the user associated with the user device, and identify a cloud server from among the plurality of cloud servers based on a user profile linked with the user. The authentication server is further configured to send a key validation request to the identified cloud server, receive a key validation response, determine whether the cloud key passes verification, and send a network resource access response to the user device.

Abstract: A network authentication device that includes an authentication engine. The authentication engine is configured to receive an authentication key request from a user device that identifies an account. The authentication engine is configured to obtain an authentication key and to establish a first set of authentication rules for the authentication key. The authentication engine is configured to identify one or more triggering events associated with an increased threat to the account and to establish a second set of authentication rules for the authentication key. The authentication engine is configured to perform key validation for the authentication key using the first set of authentication rules and to send the authentication key to the user device. The authentication engine is configured to detect a triggering event from the one or more triggering events has occurred and perform the key validation for the authentication key using the second set of authentication rules.

Abstract: A network authentication device that includes an authentication engine in signal communication with a network interface. The authentication engine is configured to receive an authentication key request from a first user device that identifies an account linked with a first user and a second user device. The authentication engine is configured to generate an authentication key and to establish a first set of authentication rules for the first user and a second set of authentication rules for the second user. The authentication engine is configured to generate a first authentication key fragment comprising a first portion of the authentication key and a second authentication key fragment comprising a second portion of the authentication key and to send the first authentication key fragment to the first user device and the second authentication key fragment to the second user device.

Abstract: An augmented reality system that includes an augmented reality user device for a first person including a head-mounted display configured to overlay virtual objects onto tangible objects in real-time, a memory, a camera, and one or more processors. The augmented reality user device is configured to perform facial recognition on the captured image to identify a face of the second person, to identify an entry for the second person, and to initiate a peer-to-peer transfer when the entry for the second person has been identified. The augmented reality user device is further configured to authenticate the identify of the second person, to generate a transfer token for facilitating the peer-to-peer transfer, and to send the transfer token to a first institution associated with the first person to initiate the peer-to-peer transfer. A network device of the first institution is configured to receive the transfer token and facilitate the peer-to-peer transfer.

Abstract: In certain embodiments, a system determines to assign a computing resource to one or more users that are affiliated with an institution. The system pre-injects a first tag into a first portion of the computing resource and then assigns the computing resource to the one or more users. The first tag is associated with the institution and requires a first token to access the first portion of the computing resource. The system mid-process or post injects a second tag into a second portion of the computing resource. The second tag is associated with one of the users and requires a second token to access the second portion of the computing resource. The system controls access to the first and second portions of the computing resource based on whether subsequent requests to access the computing resource comprise the first token, the second token, or both.

Abstract: An apparatus includes a tokenizer and a validator. The tokenizer divides a file into first, second, and third portions. The tokenizer also encrypts the first, second, and third portions using a first key to produce first, second, and third tokens. The validator receives a fourth token with a signature of a first user and receives a fifth token with a signature of a second user. The validator also combines the first token, the fourth token, and the fifth token to produce a second key and determines whether the second key matches the first key. If the second key does not match the first key, the validator communicates an alert indicating that the first key does not match the second key. If the second key does match the first key, the validator decrypts first, fourth, and fifth tokens to reproduce the file.

Abstract: An example embodiment includes a first subsystem, a second subsystem, and a third subsystem in different locations, where the first subsystem is configured to receive a request to deliver a set of packets to the third subsystem, send the set of packets to the second subsystem, and send, through first nodes, a first data stream containing the a set of packets to the third subsystem. The second subsystem is configured to receive the a set of packets and send, through second nodes that differ from the first nodes, a second data stream containing a set of packets to the third subsystem. In addition, the third subsystem is configured to receive the first and second data streams, determine that each data stream comprises the a set of packets, and send the set of packets from one of the first and second data streams to a downstream component.

Abstract: An example embodiment includes a first, second, and third subsystem, each in different locations, where the first subsystem receives a request to deliver data to the third subsystem, sends a first subset of the data to the second subsystem, and sends, through first nodes, a first data stream containing a second subset of the data different from the first subset to the third subsystem. The second subsystem receives the first subset from the first subsystem, and sends, through second nodes that differ from the first nodes, a second data stream containing the first subset to the third subsystem. Furthermore, the third subsystem receives the first and second data streams, determines that the first and second data streams, in combination, contain the data, builds a data set containing the data based on the first and second data streams, and sends the data set to a downstream component of the third subsystem.

Abstract: Access control in a hybrid cloud infrastructure may include receiving privacy settings with privacy groups and constituent privacy subcategories, registering the privacy groups and privacy subcategories according to the privacy settings, receiving a request to share files over the network, determining a privacy subcategory to associate with the files based on characteristics of the files, and assigning the privacy subcategory to the files. In particular embodiments, the system may receive subsequent access requests for any of the files and implement access control by granting or denying access to the file based on the assigned privacy groups or privacy subcategories.

Abstract: In an embodiment, a system contains a network testing engine that sends test data along different paths of a network between a source and a destination, wherein each path contains a plurality of network nodes, and receives, in response to sending the test data, response data about the paths. The system further contains a network path characteristics engine that determines characteristics of each path based on the response data, and a delivery parameters engine that receives a request for delivery of a data load from the source to the destination and determines, based on the request, delivery parameters. Furthermore, the system contains the source and a path selection engine that determines a selected path of the different paths based on the characteristics of the paths and the delivery parameters, and sends the selected data path to the source, which sends the data load along the selected path to the destination.

Abstract: A flexible testing environment may include requesting an allocation of resources and testing characteristics of a project, verifying the testing characteristics, registering the project for testing, determining whether resources can be allocated for testing based on the testing characteristics and available resources, and allocating resources based on the testing characteristics and available resources. During testing of the project, the system may receive changes to the testing characteristics of the project, thereby causing adjustments to the allocated resources based on the updated testing characteristics. In certain embodiments, testing characteristics may closely approximate the resources employed by the project in a live production environment.

Abstract: A system that includes a device with a processor is configured to receive a first set of data elements and to obtain an encryption key from a memory. The processor is further configured to encrypt the first set of data elements using the encryption key, to embed the first set of encrypted data elements within a first block for the block chain, and to generate a first encrypted element map identifying the locations of the first set of encrypted data elements within the first block. The processor is further configured to combine the encryption key with the first encrypted element map to generate a creator tag, to encrypt the creator tag, to embed the creator tag within the first block, and to publish the first block to a block chain.

Abstract: A system for performing authorization of a user in an augmented reality environment comprises an augmented reality user device, an automatic teller machine, and an authentication server. The automatic teller machine has a keypad with unmarked buttons. The augmented reality user device includes a display configured to overlay virtual objects onto a field of view of a user. The augmented reality user device receives a virtual keypad overlay, which assigns values to the unmarked buttons of the keypad. Using the overlay, the augmented reality user device displays the assigned values on the buttons of the keypad. The automatic teller machine detects an input sequence entered on the keypad and sends the input sequence to the authentication server. The authentication server determines an authentication code by combining the input sequence with the virtual keypad overlay, and compares the determined authentication code with an authentication code stored in a database.

Abstract: A system for performing authorization of a user in a virtual reality environment includes a virtual reality user device. The virtual reality user device includes a display configured to display a virtual environment. The user device receives a virtual authentication object comprising a virtual representation of an object that the user can manipulate to enter an authentication code. The user device detects gestures performed by the user on the displayed virtual authentication object and forms an authentication request, which includes the virtual authentication object, the detected gestures; and an identifier of the user. The user device sends the authentication request to an authentication server. The authentication server determines an authentication code using the virtual authentication object and the detected gestures.

Abstract: A system for authorizing an electronic transaction in an augmented reality environment comprises an augmented reality user device and an authentication server. The augmented reality user device includes a display that overlays virtual objects onto a field of view of the user. The user device receives a request to verify information about a payment card used in an electronic transaction. The request includes a virtual authentication object, which is a virtual representation of an object capable of being manipulated by the user in a particular sequence to enter an authentication code. The user device displays the virtual authentication object to the user and detects gestures performed on the virtual authentication object. The user device sends the detected gestures to the authentication server. The authentication server determines the authentication code using the virtual authentication object and the detected gestures, and uses it to authorize the transaction.

Abstract: An augmented reality system that includes an augmented reality user device for a first person including a head-mounted display configured to overlay virtual objects onto tangible objects in real-time, a memory, a camera, and one or more processors. The augmented reality user device is configured to perform facial recognition on the captured image to identify a face of the second person, to identify an entry for the second person, and to initiate a peer-to-peer transfer when the entry for the second person has been identified. The augmented reality user device is further configured to authenticate the identify of the second person, to generate a transfer token for facilitating the peer-to-peer transfer, and to send the transfer token to a first institution associated with the first person to initiate the peer-to-peer transfer. A network device of the first institution is configured to receive the transfer token and facilitate the peer-to-peer transfer.

Abstract: Systems for the automated capture of forensic data information are presented. An example system may receive an access/modification request directed to a data item(s), generate an initial data capture record for the data item(s), and send the record to an isolated, secure data preservation module before granting the request. After the access/modification, the system may generate a post-access data capture record and send it to the preservation module. The system may determine the content of the generated records, based on, e.g., content of the data item(s), before generation. For example, the system may determine a first content type for records where data item(s) include critical data, and a second content type for records that do not, to, e.g., efficiently allocate system resources while minimizing any disruption to an accessing user. The system may also utilize different encryption and decryption key techniques based on, e.g., the content of the data item(s).